Quick contact

* Name

* Email

* Message

Subscribe for updates

* Name

* Email

When Too Much Vulnerability Intelligence is a Bad Thing

When you’re scouring for application vulnerabilities and trying to keep up with all the latest issues, good vulnerability intelligence is essential. You need expert advice and insight to understand your level of exposure so you can patch vulnerabilities before they’re exploited.

But that’s not to say that all vulnerability intelligence is good. In fact, it’s information overload that’s most likely to get in your way to quick, effective patching.

You’re probably using a large number of different applications. They come from different vendors, and have different mechanisms for patching and deployment.

And what you need is timely, actionable intelligence that relates to the applications you’re using. Not the clutter and chaos of alerts, advisories, and reports that relate to applications you’re not using.

TMI (Too Much Information)

Most security companies issue advisories for specific incidents and vulnerabilities. They put everything related to a vulnerability in the same place. But that’s not very practical.

Because, really, who cares about everything related to a vulnerability? You only care about the parts that could affect you.

Take the Heartbleed vulnerability, disclosed in April 2014. Affecting the cryptography that was the bedrock of data security, it was an issue that everyone in the world of IT wanted to keep up to date with.

So, most security companies issued a detailed advisory. A huge document that covered so many different applications that finding the important parts was a challenge.

And every time it was updated? Another alert to notify you. About a change that’s probably not relevant to your business.

A different approach is needed – not with one all-encompassing advisory, but with 210 smaller ones, each related to a specific application. So the only alerts are ones that are relevant. And the only advisories are small, easy to understand, and practical.

The extensive, detailed intelligence on every aspect of Heartbleed and every application it affected was still there. But a more intelligent delivery model helped customers avoid the parts that didn’t matter to them.

Application patches are more important than application vulnerabilities

As well as long advisories that cover a huge number of different applications, other security providers tend to write advisories on a per CVE number basis. For each vulnerability that is disclosed, there’s a new alert and a new advisory to read.

In some ways, it’s the approach you’d expect. You want to know about every vulnerability. But there’s a bigger priority to consider. You want to know how to fix things.

When advisories are issued for every CVE number, you may end up reading the same material again and again. After all, there’s a good chance that a number of different vulnerabilities are all fixed with a single patch.

Use a patch management vendor that issues a single advisory covering all the CVEs that are fixed with the same action. No repetition. No reading a long account of an issue, only to find that you’ve already applied the relevant patch.

Just practical answers. And no more irrelevant vulnerability intelligence.

The Latest from Alpha Gen:

We live in an imperfect world. It’s a place where cyber criminals target unsuspecting businesses to steal data, disrupt services and even extort money. A place where your technology is always under attack and risk is ever-present. Why, then, would anyone expect cyber security to be perfect? Read more...

Recent Articles:

The fundamentals of successful least privilege adoption

Avoid the common pitfalls that get in the way of Least Privilege Adoption with Thycotic’s latest eBook. You’ll get a complete guide to what constitutes best practice and where even the best-intentioned programmes fall apart. Now is the time to make your least privilege implementation a success.

Alpha Generation Distribution Grows Its Vendor Portfolio with Lepide

Alpha Generation Distribution Announces New Partnership with CoSoSys

In a climate of rising compliance and hard-to-manage endpoints, Alpha Generation partners with CoSoSys to bring robust endpoint protection to the UK market.. An established leader in the space, CoSoSys provides Endpoint Protector [...]